Posted Wednesday 29th October 2008 11:44 GMT
"Clear thinking and paperwork
Getting the technology right
Focussing on people and technology"
And, may I suggest, "not having the data in the first place if it isn't necessary" - that's always the easiest / safest / most efficient solution.
Posted Wednesday 29th October 2008 12:48 GMT
'scuse me for probably sounding thick but how many of the public sector breaches were actually private sector firms under contract? I might have missed this but it didn't explain that point to me.
Posted Wednesday 29th October 2008 12:48 GMT
"He is doubtful that a law to force companies and government departments to notify individuals when their data has been lost."
WTF does that mean?
He's doubtful it'll be; effective? enforcable? policeable? practical? WHAT?
Otherwise, JF's comment "not having the data in the first place if it isn't necessary"is bang on target.
Posted Wednesday 29th October 2008 12:48 GMT
"Thomas said there were three aspects to good data protection:
* Clear thinking and paperwork
Getting the technology right
Focussing on people and technology"
I would suggest that he add a fourth:
"Not leaving it on the train"
Posted Wednesday 29th October 2008 12:48 GMT
This would be the same ICO that let phorm off the hook....
Posted Wednesday 29th October 2008 12:48 GMT
Well said, Sir. Couldn't have put it better myself.
Posted Wednesday 29th October 2008 12:48 GMT
Is this the same government that`s pushing ahead with the almost-universally despised identity card scheme? Sounds like the suits need a few lessons on data protection themselves but I agree 100% with Jimmy Floyd - don`t gather the data in the first place. I despair, sometimes. We`re all living on the same planet and don`t the powers-that-be who are actually trying to introduce all this spying (for that`s all it is) legislation realise that they too are also subject to these absurd laws. Don`t they also find them objectionable?
Posted Wednesday 29th October 2008 14:14 GMT
That private comanies notify the ICO of data losses, do they even know they happen. I have worked in both public and private sector and much as it dissapoints the "down with the man" appraoch, public sectoy try harder on this type of thing. Banks and Finance are regulated, but do you really really think that if some 10 man estate agents somewhere lost you file they go to the ICO? NO. Same for any small business in the uk.
The govt has to report these things and puts them on nice websites that El Reg and co can scan for thier latest story without having to leave thier desks. I dont support govt data loss, its rubbish, but if you think they are the only ones with a problem then your deluded.
Posted Wednesday 29th October 2008 14:14 GMT
I'd agree with you, except MP's have shown repeatedly that they're NOT going to be subject to snooping laws. Their children aren't going to be on the Child Protection Database, and who remembers the bruhaha a few months ago when an MP had his conversation with a constituent in prison recorded for "The purposes of solving crime"? They didn't like it then and I'm sure there will be more loopholes for them in other legislation that gets passed. The fact that their children won't be on the database is evidence enough that they KNOW how abhorrent their draconian "Social ordering" legislation is, and they don't want to be part of it. After all, they know thet're not terrorists, so all MP's can be trusted, it's just everyone else their not so sure about
Posted Wednesday 29th October 2008 14:14 GMT
What on earth gives you the idea that our NuLabourian overlords will leave themselves subject to the same "absurd laws" as the rest of us?
NuLabourian Gubbernmental Exclusions all round.
Posted Wednesday 29th October 2008 14:14 GMT
I think that list comes under things you should do to run a good company.
The functions of a CEO are:
1. To have a few gin and tonics with the lads from the city.
2. To manage their share options
3. To maximise their bonus.
4. To maximise payments to their pension fund.
5. To negotiate the best golden hello and parachute they possibly can.
6. To have a bit of bubbly at the shareholders meeting.
7. Set sound bite objectives for their company that impress analysts.
Don't think IT comes into it at all, isn't that they outsource it all to megacomputing corp. Who needs CIOs, CTOs, DPMs and ITDs.
Posted Thursday 30th October 2008 11:47 GMT
Keep schtum until someone else notices and you may get away with it.
So which is the most likely option..
Back to the article
